Google Health won't be ad-supported; privacy advocates still wary

Friday

Feb 29, 2008 at 12:15 AM

ORLANDO, Fla. — Google Inc. won't sell ads to support a new Internet service that stores personal medical information, CEO Eric Schmidt said Thursday in the search giant's first detailed comments about a venture that has raised privacy concerns.

TRAVIS REED

ORLANDO, Fla. — Google Inc. won't sell ads to support a new Internet service that stores personal medical information, CEO Eric Schmidt said Thursday in the search giant's first detailed comments about a venture that has raised privacy concerns.

Schmidt described Google Health as a platform for users to manage their own records, such as medical test results and prescriptions. It would be accessed with a user name and password, just like a Google e-mail account, and could be called up on any computer with an Internet connection.

A primary benefit, Schmidt said, is the portability of records from one health care provider to the next. He repeatedly said no data would be shared without the consumer's consent.

"Our model is that the owner of the data has control over who can see it," Schmidt said at the annual conference of the Healthcare Information and Management Systems Society. "And trust, for Google, is the most important currency on the Internet."

The service is not yet available publicly, but Schmidt said it will be an open system where third parties can build direct-to-consumer services like medication tables or immunization reminders. Google intends to profit by increasing traffic to its search site — the same approach it used with the ad-free Google News section.

The Mountain View, Calif.-based company isn't the only one vying for the personal health record market. Microsoft Corp. last year introduced a service called HealthVault, and AOL co-founder Steve Case is backing Revolution Health, which offers similar online tools.

Microsoft's service has ads, but they aren't personalized based on health records or searches. Revolution Health does not have ads on its health records service.

Google has raised privacy concerns in other areas by tailoring ads based on search requests, and its e-mail service scans the text of messages to flash pitches from businesses that seem to offer corresponding products or services.

The bigger problem with these online health systems, privacy advocates say, is that they aren't covered by the federal Health Insurance Portability and Accountability Act, commonly called HIPAA. The 1996 privacy law requires patient notification when their records are being subpoenaed, among other things.

"Once you take sensitive health care information outside of the health care sector, it loses important protections that people have come to expect," said Pam Dixon, executive director of the nonprofit World Privacy Forum. "Your physician has taken a Hippocratic Oath, and they are bound to have your best interests in mind. A publicly traded company is supposed to have shareholders in mind first."

Dixon said even the issue of consenting online to the release of information is muddy.

"I think we've all consented to things online we haven't meant to simply by failing to check or uncheck a box," she said. "Something else very big in HIPAA is you can withdraw consent. Will there be a way for people to undo the consent afterward? If you have accidentally consented to release the results of an HIV test or a cancer test, you might need to take that back."

Schmidt said Google Health would be at least as secure as current systems.

"In the Google implementation, your personal health information will not be given to anyone without their explicit permission, which is not true completely for HIPAA-compliant systems," he said. "If we get a subpoena, we always check our judgment as to whether the subpoena is narrow enough. If we think it's a fishing expedition, we will fight it in court. That has worked well for us so far."

Schmidt described the service as helping both doctors and the increasing number of patients who use the Internet for their own medical research.

"There are 6 billion people who would benefit from the system. Only 1.5 billion or so are online," Schmidt said. "A reasonable goal will be that every single person who has access to the Internet would consider having a personal health record."

The company is testing the service with about 1,370 volunteers at the Cleveland Clinic, a nonprofit medical center. Schmidt wouldn't say when it will go public. It will be available first in the United States and then expand piecemeal abroad.